Update AxolotlKit.

AxolotlKit/AxolotlKit/Classes/CipherMessage/PreKeyWhisperMessage.m

@@ -33,6 +33,10 @@ - (instancetype)initWithWhisperMessage:(WhisperMessage *)whisperMessage
                                baseKey:(NSData *)baseKey
                            identityKey:(NSData *)identityKey
 {
+    OWSAssert(whisperMessage);
+    OWSAssert(baseKey);
+    OWSAssert(identityKey);
+
     if (self = [super init]) {
         _registrationId = registrationId;
         _version = whisperMessage.version;
@@ -72,6 +76,11 @@ - (instancetype)initWithWhisperMessage:(WhisperMessage *)whisperMessage
 - (instancetype)initWithData:(NSData *)serialized
 {
     if (self = [super init]) {
+        if (serialized.length < 1) {
+            OWSFailDebug(@"Empty data");
+            OWSRaiseException(InvalidMessageException, @"Empty data");
+        }
+
         Byte version;
         [serialized getBytes:&version length:1];
         _version = [SerializationUtilities highBitsToIntFromByte:version];
@@ -82,7 +91,9 @@ - (instancetype)initWithData:(NSData *)serialized
                                          userInfo:@{ @"version" : [NSNumber numberWithInt:_version] }];
         }
 
-        NSData *messageData = [serialized subdataWithRange:NSMakeRange(1, serialized.length - 1)];
+        NSUInteger messageDataLength;
+        ows_sub_overflow(serialized.length, 1, &messageDataLength);
+        NSData *messageData = [serialized subdataWithRange:NSMakeRange(1, messageDataLength)];
 
         NSError *error;
         SPKProtoTSProtoPreKeyWhisperMessage *_Nullable preKeyWhisperMessage =
@@ -96,7 +107,7 @@ - (instancetype)initWithData:(NSData *)serialized
         _registrationId = preKeyWhisperMessage.registrationID;
 
         // This method is called when decrypting a received PreKeyMessage, but to be symmetrical with
-        // encrypting a PreKeyWhisperMessage before sending, we use "-1" to indicate *no* unsignd prekey was
+        // encrypting a PreKeyWhisperMessage before sending, we use "-1" to indicate *no* unsigned prekey was
         // included.
         _prekeyID = preKeyWhisperMessage.hasPreKeyID ? preKeyWhisperMessage.preKeyID : -1;
         _signedPrekeyId = preKeyWhisperMessage.signedPreKeyID;

AxolotlKit/AxolotlKit/Classes/CipherMessage/WhisperMessage.m

@@ -25,6 +25,13 @@ - (instancetype)initWithVersion:(int)version
               senderIdentityKey:(NSData *)senderIdentityKey
             receiverIdentityKey:(NSData *)receiverIdentityKey
 {
+    OWSAssert(macKey);
+    OWSAssert(senderRatchetKey);
+    OWSAssert(cipherText);
+    OWSAssert(cipherText);
+    OWSAssert(senderIdentityKey);
+    OWSAssert(receiverIdentityKey);
+
     if (self = [super init]) {
         Byte versionByte = [SerializationUtilities intsToByteHigh:version low:CURRENT_VERSION];
         NSMutableData *serialized = [NSMutableData dataWithBytes:&versionByte length:1];
@@ -72,10 +79,13 @@ - (instancetype)initWithData:(NSData *)serialized
         Byte version;
         [serialized getBytes:&version length:VERSION_LENGTH];
 
-        NSData *messageAndMac =
-            [serialized subdataWithRange:NSMakeRange(VERSION_LENGTH, serialized.length - VERSION_LENGTH)];
+        NSUInteger messageAndMacLength;
+        ows_sub_overflow(serialized.length, VERSION_LENGTH, &messageAndMacLength);
+        NSData *messageAndMac = [serialized subdataWithRange:NSMakeRange(VERSION_LENGTH, messageAndMacLength)];
 
-        NSData *messageData = [messageAndMac subdataWithRange:NSMakeRange(0, messageAndMac.length - MAC_LENGTH)];
+        NSUInteger messageLength;
+        ows_sub_overflow(messageAndMac.length, MAC_LENGTH, &messageLength);
+        NSData *messageData = [messageAndMac subdataWithRange:NSMakeRange(0, messageLength)];
 
         if ([SerializationUtilities highBitsToIntFromByte:version] < MINIMUM_SUPPORTED_VERSION) {
             @throw [NSException
@@ -117,9 +127,19 @@ - (void)verifyMacWithVersion:(int)messageVersion
          receiverIdentityKey:(NSData *)receiverIdentityKey
                       macKey:(NSData *)macKey
 {
+    OWSAssert(senderIdentityKey);
+    OWSAssert(receiverIdentityKey);
+    OWSAssert(macKey);
+
     SPKDataParser *dataParser = [[SPKDataParser alloc] initWithData:self.serialized];
     NSError *error;
-    NSData *_Nullable data = [dataParser nextDataWithLength:self.serialized.length - MAC_LENGTH error:&error];
+
+    NSUInteger messageLength;
+    if (__builtin_sub_overflow(self.serialized.length, MAC_LENGTH, &messageLength)) {
+        OWSFailDebug(@"Data too short");
+        OWSRaiseException(InvalidMessageException, @"Data too short");
+    }
+    NSData *_Nullable data = [dataParser nextDataWithLength:messageLength error:&error];
     if (!data || error) {
         OWSFailDebug(@"Could not parse data: %@.", error);
         OWSRaiseException(InvalidMessageException, @"Could not parse data.");

AxolotlKit/AxolotlKit/Classes/Crypto/AES-CBC.m

@@ -34,11 +34,10 @@ + (NSData *)encryptCBCMode:(NSData *)data withKey:(NSData *)key withIV:(NSData *
         @throw [NSException exceptionWithName:CipherException reason:@"AES-CBC IV should be 128 bits." userInfo:nil];
     }
 
-    size_t bufferSize = [data length] + kCCBlockSizeAES128;
+    size_t bufferSize;
+    ows_add_overflow(data.length, kCCBlockSizeAES128, &bufferSize);
     NSMutableData *_Nullable bufferData = [NSMutableData dataWithLength:bufferSize];
-    if (!bufferData) {
-        @throw [NSException exceptionWithName:CipherException reason:@"Couldn't allocate buffer." userInfo:nil];
-    }
+    OWSAssert(bufferData != nil);
 
     size_t bytesEncrypted = 0;
     CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
@@ -77,11 +76,10 @@ + (NSData *)decryptCBCMode:(NSData *)data withKey:(NSData *)key withIV:(NSData *
         @throw [NSException exceptionWithName:CipherException reason:@"AES-CBC IV should be 128 bits." userInfo:nil];
     }
 
-    size_t bufferSize = [data length] + kCCBlockSizeAES128;
+    size_t bufferSize;
+    ows_add_overflow(data.length, kCCBlockSizeAES128, &bufferSize);
     NSMutableData *_Nullable bufferData = [NSMutableData dataWithLength:bufferSize];
-    if (!bufferData) {
-        OWSFail(@"Couldn't allocate buffer.");
-    }
+    OWSAssert(bufferData != nil);
 
     size_t bytesDecrypted = 0;
     CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,

AxolotlKit/AxolotlKit/Classes/Prekeys/PreKeyBundle.h

@@ -19,13 +19,13 @@
 @property (nonatomic, readonly) int      signedPreKeyId;
 @property (nonatomic, readonly) NSData   *signedPreKeySignature;
 
-- (instancetype)initWithRegistrationId:(int)registrationId
-                              deviceId:(int)deviceId
-                              preKeyId:(int)preKeyId
-                          preKeyPublic:(NSData*)preKeyPublic
-                    signedPreKeyPublic:(NSData*)signedPreKeyPublic
-                        signedPreKeyId:(int)signedPreKeyId
-                 signedPreKeySignature:(NSData*)signedPreKeySignature
-                           identityKey:(NSData*)identityKey;
+- (nullable instancetype)initWithRegistrationId:(int)registrationId
+                                       deviceId:(int)deviceId
+                                       preKeyId:(int)preKeyId
+                                   preKeyPublic:(NSData *)preKeyPublic
+                             signedPreKeyPublic:(NSData *)signedPreKeyPublic
+                                 signedPreKeyId:(int)signedPreKeyId
+                          signedPreKeySignature:(NSData *)signedPreKeySignature
+                                    identityKey:(NSData *)identityKey;
 
 @end

AxolotlKit/AxolotlKit/Classes/Prekeys/PreKeyBundle.m

@@ -20,17 +20,34 @@
 
 @implementation PreKeyBundle
 
-- (instancetype)initWithRegistrationId:(int)registrationId
-                              deviceId:(int)deviceId
-                              preKeyId:(int)preKeyId
-                          preKeyPublic:(NSData*)preKeyPublic
-                    signedPreKeyPublic:(NSData*)signedPreKeyPublic
-                        signedPreKeyId:(int)signedPreKeyId
-                 signedPreKeySignature:(NSData*)signedPreKeySignature
-                           identityKey:(NSData*)identityKey{
-
+- (nullable instancetype)initWithRegistrationId:(int)registrationId
+                                       deviceId:(int)deviceId
+                                       preKeyId:(int)preKeyId
+                                   preKeyPublic:(NSData *)preKeyPublic
+                             signedPreKeyPublic:(NSData *)signedPreKeyPublic
+                                 signedPreKeyId:(int)signedPreKeyId
+                          signedPreKeySignature:(NSData *)signedPreKeySignature
+                                    identityKey:(NSData *)identityKey
+{
+    if (preKeyPublic && preKeyPublic.length == 32) {
+        OWSFailDebug(@"preKeyPublic && preKeyPublic.length == 32");
+        return nil;
+    }
+    if (signedPreKeyPublic.length != 32) {
+        OWSFailDebug(@"signedPreKeyPublic.length != 32");
+        return nil;
+    }
+    if (!signedPreKeySignature) {
+        OWSFailDebug(@"!signedPreKeySignature");
+        return nil;
+    }
+    if (identityKey.length != 32) {
+        OWSFailDebug(@"identityKey.length != 32");
+        return nil;
+    }
+
     self = [super init];
-    
+
     if (self) {
         _identityKey           = identityKey;
         _registrationId        = registrationId;

AxolotlKit/AxolotlKit/Classes/Prekeys/PreKeyRecord.m

@@ -18,6 +18,8 @@ + (BOOL)supportsSecureCoding{
 }
 
 - (instancetype)initWithId:(int)identifier keyPair:(ECKeyPair*)keyPair{
+    OWSAssert(keyPair);
+
     self = [super init];
 
     if (self) {

AxolotlKit/AxolotlKit/Classes/Prekeys/SignedPrekeyRecord.h

@@ -14,6 +14,7 @@
 @property (nonatomic, readonly) BOOL wasAcceptedByService;
 
 - (instancetype)initWithId:(int)identifier keyPair:(ECKeyPair *)keyPair signature:(NSData*)signature generatedAt:(NSDate*)generatedAt;
+- (instancetype)initWithId:(int)identifier keyPair:(ECKeyPair *)keyPair NS_UNAVAILABLE;
 
 - (void)markAsAcceptedByService;
 

AxolotlKit/AxolotlKit/Classes/Prekeys/SignedPrekeyRecord.m

@@ -22,6 +22,10 @@ - (instancetype)initWithId:(int)identifier
                generatedAt:(NSDate *)generatedAt
       wasAcceptedByService:(BOOL)wasAcceptedByService
 {
+    OWSAssert(keyPair);
+    OWSAssert(signature);
+    OWSAssert(generatedAt);
+
     self = [super initWithId:identifier keyPair:keyPair];
 
     if (self) {
@@ -61,7 +65,7 @@ - (void)encodeWithCoder:(NSCoder *)aCoder{
 }
 
 - (instancetype)initWithId:(int)identifier keyPair:(ECKeyPair*)keyPair{
-    NSAssert(FALSE, @"Signed PreKeys need a signature");
+    OWSAbstractMethod();
     return nil;
 }
 

AxolotlKit/AxolotlKit/Classes/Ratchet/AliceAxolotlParameters.m

@@ -13,7 +13,13 @@ @implementation AliceAxolotlParameters
 @synthesize ourIdentityKeyPair=_ourIdentityKeyPair, theirIdentityKey=_theirIdentityKey;
 
 - (instancetype)initWithIdentityKey:(ECKeyPair*)myIdentityKey theirIdentityKey:(NSData*)theirIdentityKey ourBaseKey:(ECKeyPair*)ourBaseKey theirSignedPreKey:(NSData*)theirSignedPreKey theirOneTimePreKey:(NSData*)theirOneTimePreKey theirRatchetKey:(NSData*)theirRatchetKey{
-
+
+    OWSAssert(myIdentityKey);
+    OWSAssert(theirIdentityKey);
+    OWSAssert(ourBaseKey);
+    OWSAssert(theirSignedPreKey);
+    OWSAssert(theirRatchetKey);
+
     self = [super init];
 
     if (self) {

AxolotlKit/AxolotlKit/Classes/Ratchet/BobAxolotlParameters.m

@@ -13,6 +13,13 @@ @implementation BobAxolotlParameters
 @synthesize theirIdentityKey=_theirIdentityKey, ourIdentityKeyPair=_ourIdentityKeyPair;
 
 - (instancetype)initWithMyIdentityKeyPair:(ECKeyPair*)ourIdentityKeyPair theirIdentityKey:(NSData*)theirIdentityKey ourSignedPrekey:(ECKeyPair*)ourSignedPrekey ourRatchetKey:(ECKeyPair*)ourRatchetKey ourOneTimePrekey:(ECKeyPair*)ourOneTimeKeyPair theirBaseKey:(NSData*)theirBaseKey{
+
+    OWSAssert(ourIdentityKeyPair);
+    OWSAssert(theirIdentityKey);
+    OWSAssert(ourSignedPrekey);
+    OWSAssert(ourRatchetKey);
+    OWSAssert(theirBaseKey);
+
     self = [super init];
 
     if (self) {

AxolotlKit/AxolotlKit/Classes/Ratchet/ChainKey.h

@@ -17,7 +17,8 @@ NS_ASSUME_NONNULL_BEGIN
 @property (nonatomic, readonly) int index;
 @property (nonatomic, readonly) NSData *key;
 
-- (instancetype)initWithData:(NSData *)chainKey index:(int)index;
+- (instancetype)init NS_UNAVAILABLE;
+- (instancetype)initWithData:(NSData *)chainKey index:(int)index NS_DESIGNATED_INITIALIZER;
 
 - (instancetype)nextChainKey;
 

AxolotlKit/AxolotlKit/Classes/Ratchet/ChainKey.m

@@ -26,14 +26,10 @@ + (BOOL)supportsSecureCoding
 
 - (nullable id)initWithCoder:(NSCoder *)aDecoder
 {
-    self = [super init];
+    NSData *key = [aDecoder decodeObjectOfClass:[NSData class] forKey:kCoderKey];
+    int index = [aDecoder decodeIntForKey:kCoderIndex];
 
-    if (self) {
-        _key = [aDecoder decodeObjectOfClass:[NSData class] forKey:kCoderKey];
-        _index = [aDecoder decodeIntForKey:kCoderIndex];
-    }
-
-    return self;
+    return [self initWithData:key index:index];
 }
 
 - (void)encodeWithCoder:(NSCoder *)aCoder
@@ -44,7 +40,8 @@ - (void)encodeWithCoder:(NSCoder *)aCoder
 
 - (instancetype)initWithData:(NSData *)chainKey index:(int)index
 {
-    OWSAssert(chainKey.length == ECCKeyLength);
+    OWSAssert(chainKey.length == 32);
+    OWSAssert(index >= 0);
 
     self = [super init];
 
@@ -59,8 +56,11 @@ - (instancetype)initWithData:(NSData *)chainKey index:(int)index
 - (instancetype)nextChainKey
 {
     NSData *nextCK = [self baseMaterial:[NSData dataWithBytes:kChainKeySeed length:kTSKeySeedLength]];
+    OWSAssert(nextCK.length == 32);
 
-    return [[ChainKey alloc] initWithData:nextCK index:self.index + 1];
+    int nextIndex;
+    ows_add_overflow(self.index, 1, &nextIndex);
+    return [[ChainKey alloc] initWithData:nextCK index:nextIndex];
 }
 
 - (MessageKeys *)messageKeys
@@ -75,23 +75,13 @@ - (MessageKeys *)messageKeys
 
 - (NSData *)baseMaterial:(NSData *)seed
 {
-    if (!self.key) {
-        @throw [NSException exceptionWithName:NSInvalidArgumentException reason:@"Missing key." userInfo:nil];
-    }
-    if (self.key.length >= SIZE_MAX) {
-        @throw [NSException exceptionWithName:NSInvalidArgumentException reason:@"Oversize key." userInfo:nil];
-    }
-    if (!seed) {
-        @throw [NSException exceptionWithName:NSInvalidArgumentException reason:@"Missing seed." userInfo:nil];
-    }
-    if (seed.length >= SIZE_MAX) {
-        @throw [NSException exceptionWithName:NSInvalidArgumentException reason:@"Oversize seed." userInfo:nil];
-    }
+    OWSAssert(self.key);
+    OWSAssert(self.key.length == 32);
+    OWSAssert(seed);
+    OWSAssert(seed.length == kTSKeySeedLength);
 
     NSMutableData *_Nullable bufferData = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];
-    if (!bufferData) {
-        OWSFail(@"Couldn't allocate buffer.");
-    }
+    OWSAssert(bufferData);
 
     CCHmacContext ctx;
     CCHmacInit(&ctx, kCCHmacAlgSHA256, [self.key bytes], [self.key length]);

AxolotlKit/AxolotlKit/Classes/Ratchet/MessageKeys.m

@@ -37,6 +37,11 @@ - (void)encodeWithCoder:(NSCoder *)aCoder{
 
 
 - (instancetype)initWithCipherKey:(NSData*)cipherKey macKey:(NSData*)macKey iv:(NSData *)data index:(int)index{
+
+    OWSAssert(cipherKey);
+    OWSAssert(macKey);
+    OWSAssert(data);
+
     self = [super init];
 
     if (self) {

AxolotlKit/AxolotlKit/Classes/Ratchet/RKCK.m

@@ -9,6 +9,9 @@
 @implementation RKCK
 
 - (instancetype)initWithRK:(RootKey*)rootKey CK:(ChainKey*)chainKey{
+    OWSAssert(rootKey);
+    OWSAssert(chainKey);
+
     self = [super init];
     self.rootKey = rootKey;
     self.chainKey   = chainKey;